Racing Post hit by ‘sophisticated, sustained and aggressive’ attack

The Racing Post suffered a significant security breach to its website on Friday and Saturday in which a database was accessed and customer details were stolen.

The horse racing and gambling venue revealed in an email to its readers that, "despite our best efforts, the security on racingpost.com has been breached over the last 36 hours, in a sophisticated, sustained and aggressive attack".

In response to the breach, the Racing Post assured users that it is currently reviewing all of its security measures and would be putting in "even stronger protection" to prevent this from happening again.

"Extensive changes have already been made overnight with the assistance of industry-leading cyber-security experts," it said in the email.

The database that was accessed during the attack contained details that customers gave when first registering with the site. Some passwords are also thought to have been compromised and as such customers have been advised to change their passwords on other sites where they use the same log-in information.

"We have now established that a number of customer accounts were accessed. Although all the passwords are encrypted, we believe that there is still a chance that some passwords can be deciphered. As yours is one of the accounts involved, there is a risk of identity theft."

Racing Post editor Bruce Millington said in a statement: "Security is an area we take extremely seriously and our website has not been compromised previously. As soon as we were aware of the situation we did everything in our power to halt the breach.

"We are extremely sorry that this unfortunate incident has occurred. We believe it may be part of a wider attack on a number of companies. We thank you for your patience and understanding."

Earlier this month, ITProPortal discussed how best to secure e-commerce and m-commerce systems. You can read more about it here.